An analysis of information technology risks and governance disclosure: evidence from the top 40 JSE listed companies.
Loading...
Date
2022
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The study analysed the extent to which information technology risks and governance is
disclosed by top 40 JSE-listed companies in their 2021 integrated reports as part of the risk
governance practices. It also conducted a review to identify similarities and differences
between King IV and other international standards such as ISO 27002, 38500, COBIT 5, SOX,
and ISA 315 on IT governance and risk disclosure requirements. The results revealed that 32
out of the top 40 JSE-listed companies (80%) fully complied with King IV and other
international standards on the disclosure of their IT governance and risk management in the
integrated and corporate governance reports. The results further revealed that 8 out of the top
40 JSE-listed companies (20%) partially complied with King IV on disclosure of IT governance
and risk management. Furthermore, the results indicated that King IV and other international
standards were similar on 19 out 24 (79%) of the IT governance and risk management
disclosure requirements and differed on 5 out of 24 (21%) requirements. The study confirmed
the extent of IT and risk governance disclosure of the selected companies and determined areas
of similarities and differences. The study adds to the debate on King IV disclosure requirements
with regards to IT governance and risk management by public companies in corporate reporting
and further adds to the debate on stakeholder theory.
Description
Masters Degree. University of KwaZulu-Natal, Durban.